/build/static/layout/Breadcrumb_cap_w.png

Power Off Script?

Hello all,

I had a question about power-off scripts in the K1000. Currently I have a shut-down script for all desktops that runs every evening. I'd like to extend this script to shut down laptops as well, with one exception. Some employees take their laptops home and work on them, and I don't want these to shutdown. So I want to shutdown any laptop that is still on the local network, but not the laptops that are outside the network. I had considered using a smart label based on IP address, but I'm worried about the possiblity of the laptop being connected by an AMP connection but not updating the inventory before the script runs. Is there another way to make sure the computer is on the local network before running this script? Or is there a better way to achieve my goal. What do you guys recommend? -Ben M

 

Asked 11 years ago 2530 views
0 Comments   [ + ] Show comments

Answers (5)

Posted by: dugullett 11 years ago
Red Belt
0

There's a few scripts out there to check IP address then run a script. These should be able to be modified to work with Kace.

http://transmitterdown.wordpress.com/2011/10/21/login-script-that-checks-current-ip-address-to-a-load-certain-script/

http://social.technet.microsoft.com/Forums/zh/ITCG/thread/d12847b1-9181-41a8-b166-4c4606b34cae

Comments:
  • That thought had occurred to me but our laptops all have IP addresses of 192.168.x.x at work. When they go home the KACE box sees their external IP address at home (which is how the smart label would work), but the computer will still see itself as whatever local IP address the home router gives it (which will probably also be 192.168.x.x). - Ben M 11 years ago
    • Yeah I was going to ask what your subnets were. - dugullett 11 years ago
      • I guess they would also be using VPN? It might be a lot of work to get to the end result, but I wonder if something like this would work?

        @echo off
        PING 192.168.x.x
        IF %errorlevel% neq 0 goto exit
        shutdown /s
        :EXIT
        exit

        Just make sure the IP is something on your network. With 192.168 that might be a little difficult. You could ping the FQDN of something on your network. - dugullett 11 years ago
      • No, most of them are not using a VPN. - Ben M 11 years ago
      • Actually that script might do what I want it to. I'll have to try some tests. - Ben M 11 years ago
Posted by: SMal.tmcc 11 years ago
Red Belt
0

Hey ben should be able to create a smart label based on the dnsdomain they are connected to

this will change at home since they are hooked to the isp's dns

Comments:
  • A custom software item for this would be
    ShellCommandTextReturn(c:\windows\system32\wbem\WMIC.exe nicconfig get dnsdomain
    and run the runkbot at startup so this get updated. Then you can base a label on this - SMal.tmcc 11 years ago
  • I'm going to take a look at running the runkbot at startup and combine it with the IP address based smart label. - Ben M 11 years ago
    • http://www.itninja.com/blog/view/k1000-5-3-agent-commands-runkbot-exe - SMal.tmcc 11 years ago
    • Not sure how many machines you have, but I would try and limit that. Kace says not to have more than 50 machines check in at the same time with their script. You should be ok, but there's always the perfect storm.

      I would also be concerned with login time. - dugullett 11 years ago
      • I would only do this for machines that go off the network - SMal.tmcc 11 years ago
Posted by: SMal.tmcc 11 years ago
Red Belt
0

Ben just ran a report on our off campus laptops and it looks like they are using the ip from isp assigned to their router. we are a 10.xx.xx.xx network, I my network at home is a 10.10 but shows different in the report.

 

Comments:
  • Yea, the K1000 sees the external IP address on machines that are off of the network, not the internal address. That was how I was originally intending to set up my smart label. - Ben M 11 years ago
    • your original idea should be fine,. my at home TMCC laptop natted IP is currently 10.10.100.101 at home but shows as 75.142.249.58 here and if I go into my dsl router/modem that is it's current IP. Do what I did is create a report and check it to see if this will work or not - SMal.tmcc 11 years ago
Posted by: chucksteel 11 years ago
Red Belt
0

Would it be simple enough to use the script function to show an alert before shutting down? If the users are actually using the computer then they'll have the opportunity to cancel the script from running.

Also, I'm guessing that you're running the shutdown script for power savings. Perhaps an alternative idea is to setup your laptops to suspend or hibernate after a given time period. This would effectively shutdown any laptops that aren't being used whether they are on the network or not.

Posted by: merklo 11 years ago
Senior White Belt
0

We tried using IP ranges, DNS suffix, and the runkbot on a regular interval to update smart labels but it did not work very reliably for various reasons.We also have a notice displayed with a countdown timer, but people at home tend to walk away from their computer, and even a 60 minute countdown was not enough.

In retrospect, this simple method worked perfectly and still does after 6 months:

Use Verify step in your shutdown kscript to confirm your \\YOURDOMAIN\NETLOGON directory exists. If it does (Success) then shutdown. If it does not Break On Error and do nothing (I guess you could do something in Remediation but we had no need for that). If you don't have a NETLOGON share (not on a domain) you can use a different network based directory, but make sure that Computer SYSTEM account has access to it. If it does not in your Verify step do a "net use \\somelocation\somefolder /user:username password" to grant the computer SYSTEM account access otherwise it will always fail (this password is visible in KBOX logs so make sure it is a low privilege account with no rights, and the folder you are testing has no sensitive data in it as well).

This took care of our problem with laptops shutting down at home. I hope that helps.

 

Verify

    Verify that the directory “\\YOURDOMAIN\netlogon” exists.

On Success

    Launch “$(KACE_DEPENDENCY_DIR)\shutdown.exe” with params “-f -l 1800 -m ”This is a scheduled nightly shutdown, please press Cancel to continue working.“”.


Comments:
  • very creative, You should test this on a laptop at home that is VPN'd in and see if that dir exists. - SMal.tmcc 11 years ago
  • You are correct--we use SSL VPN to provide specific apps, as there is no full network connectivity our approach works. If you do have full network connection for your users, it may not work for you.

    One more thing to note: in 5.3 the directory path had to end in "\", and in 5.4 it does not. This made for a very interesting day after we upgraded and our customers started calling in about their laptops shutting down at home. Test, test, and test. - merklo 11 years ago

Posted by:

Ben M 9th Degree Black Belt
Ninja since: 12 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login

View more:

Scripting Questions
question

Related Questions

Link

Related Links

Post

Related Posts

Share

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ